GreenRocket Security Blog
GreenRocket Security Blog
The Latest
At Green Rocket Security, we’re constantly striving to improve our product to meet and exceed users’ expectations. Here are some highlights from 2025’s product developments:
- The LDAP Authenticator Module has been enhanced to support a wider variety of integrations, such as SolarWinds
- RADIUS settings for token types, group membership, VSAs, and group prioritization are now at the RADIUS client level rather than the domain level
- RADIUS ports can be used to enforce different Multi-Factor policies (password + token, password + PIN + token, PIN + token, token only) and different token types (YubiKeys, Authenticator app tokens, etc.)
- Added support for ECC certificates
- GreenRADIUS now provides broader support for OATH tokens (HOTP and TOTP) from any manufacturer by eliminating manufacturer-specific constraints
- GreenRADIUS now supports IPv6
Thank you to all our customers and partners. We look forward to further improvements in 2026!
Cyber attacks are on the rise. Schools from, elementary to university-level, are especially vulnerable for multiple reasons. The Guardian reported that schools were nearly twice as likely as private businesses to experience
Boyd Gaming recently notified the public of a data breach on their systems, in which personal information of employees and several other individuals was stolen. Certain personal data was also removed
In June 2025, Akira Ransomware Group took down KNP Logistics Group by successfully guessing one employee password. KNP had operated as a transport company servicing the UK for 158 years
Authentication
Thousands of school districts in the US use the software system, Power School, as a tool to manage student and teacher information. Over 60 million students have data stored with this software. This past December the system was hacked causing disruption for many school districts across the country.
Using stolen credentials a hacker or group was able to access large amounts of personal information through the customer support portal.
At least two anonymous school districts have confirmed that even historical data has been stolen from former students, as well as current.
TechCrunch states that, “PowerSchool have told TechCrunch that hackers accessed ‘all’ of their historical student and teacher data.” From some commentary by RootED’s executive chief, the article continues that, “some school districts are reporting the number of affected students in the range of four- to 10-times higher than the number of actively enrolled students in their district.”
Another source claimed that data has been stolen even prior to December. On top of this, it has been found that school districts which only formerly used PowerSchool have also been affected by this breach.
Some accusations claim that PowerSchool failed to implement basic software protection, such as multi-factor authentication. When TechCrunch reached out to a PowerSchool spokesperson, she answered that their software did have MFA but did not make any further comment.
The scale of this data breach remains unknown, although multiple school districts have disclosed their effects, and more continue to do so as well.
To prevent such disaster, secure the data under your charge with multi-factor authentication. Contact us to find out how GreenRADIUS can provide this safety for your customers and your team.
A large-scale cyber-attack was confirmed earlier this week that includes breaches into United States federal government agencies. On Monday, SolarWinds confirmed that Orion – its flagship network management software – had served as the unwitting...
Weak passwords and cross-site password reuse are two of the most common ways to break into a WordPress installation. Fortunately, WordPress plugins are able to augment the system’s default authentication. Our GreenRADIUS WordPress Authentication Plugin...
General
We are excited to announce the release of GreenRADIUS v4.0! With this release, GreenRADIUS becomes even more versatile to meet various customer requirements. Among the most important changes are the following:
- FIPS 140-2 compliance
- Containerization
- Upgrade to Ubuntu 18.04 LTS
FIPS 140-2 Compliance
As requested by many government agencies, GreenRADIUS v4.0 can be configured to run in FIPS mode, thus achieving FIPS 140-2 compliance. Paired with YubiKey FIPS tokens, customers can deploy an end-to-end, FIPS-compliant 2FA solution. This GreenRADIUS-YubiKey solution can support a number of integrations, such as VPN, Windows logon, Linux ssh, SAML-based applications, websites, and more.
Containerization
Also requested by customers was to make GreenRADIUS a containerized solution. While deploying GreenRADIUS as a virtual machine is still popular among our customers, we have added the flexibility to deploy GreenRADIUS as a containerized solution for those that prefer to.
Upgrade to Ubuntu 18.04 LTS
The GreenRADIUS v4.0 VM runs on Ubuntu 18.04 LTS, an upgrade from the now end-of-life Ubuntu 14.04 LTS that was used for GreenRADIUS v3.1.
Learn more about GreenRADIUS by contacting us at info@greenrocketsecurity.com.
I’m sure you’ve heard about the numerous cyber attacks on big businesses like Target, Chase Bank, Equifax, and Sony, and other large organizations like the U.S. Government. These are big enterprises that have the resources...
2016 has been an exciting year for GreenRADIUS. Apart from security-related updates and bug fixes, your feedback has been the basis of over 50 new features and improvements to GreenRADIUS during the year! The top...
News
At the end of August, TransUnion began notifying individuals of a breach on their systems, affecting over 4.4 million customers. They confirmed that sensitive information had been stolen which included names, dates of birth, and social security numbers.
TransUnion is used by over 65,000 businesses across the world, and one of the three major credit reporting agencies in the United States.
TechCrunch reports, “Several companies, including Google, insurance giant Allianz Life, Cisco, and HR giant Workday, reported data breaches of customer data stored in their Salesforce-hosted cloud databases.”
TransUnion is evidently the most recent target in this chain of attacks. This was a large scale breach agianst the company, yet only a fragment of this broad cyberattack wave. Now is the time to secure your networks with multi-factor authentication. Contact us today to hear more about our GreenRADIUS 2FA solution.
The recent discovery of the Blast-RADIUS vulnerability (CVE-2024-3596) poses a significant risk to networks worldwide. This flaw in the RADIUS authentication protocol can be exploited by attackers to gain unauthorized access, launch denial-of-service attacks, and...
SUMMARY This notice covers CVE-2024-6387 OpenSSH vulnerability (nicknamed “regreSSHion”) and its impact related to GreenRADIUS. GreenRADIUS is accessed using SSH from an internal (on prem) origin and therefore normally protected by an external firewall. This...
New Threats
Are you using a password manager to securely store all of your passwords? The use of password managers has become very common. It allows people to keep track of a variety of passwords, which are unique enough to protect their networks.
Although the purpose of this is to keep your passwords together in a secure manner, cases have been found in which these password managers have mistakenly leaked credentials. This flaw in the system has been named “AutoSpill”.
TechSpot recently reported that the way this happens is, “When the password manager is prompted to fill in the credentials, the expected behavior is that it’ll autofill them in the right fields of the WebView interface. However, it will sometimes expose your credentials to the base app instead.”
In this case there is no phishing or trick that the user can avoid, the mistake is automatically done through the password manager itself.
Having multi-factor authentication protects your network against the AutoSpill glitch or in any situation where your password has been exposed. This is because the password itself is not sufficient to gain access to your sensitive information.
Green Rocket Security specializes in multi-factor authentication by which users can have access to an Authenticator app or a physical token, such as a YubiKey. If you are looking for network protection beyond just your passwords, contact us to learn more about our GreenRADIUS solution.
Summary CVE-2021-44228 and CVE-2021-45046 (Log4Shell or LogJam) are both zero-day vulnerabilities in the widely used Apache Log4j Java-based logging library. Since it is widely used in many popular products, customers have contacted Green Rocket Security...
LokiBot Trojan Malware (a.k.a LukiBot, Lokibot, Loki PWS, and Loki-bot) is active again stealing sensitive information such as usernames, passwords, cryptocurrency wallets, and other credentials. It was first discovered in 2015 and has been used...